facebook / ThreatExchange
Source Code Overview

Analysis scope, overview of main, test, generated, deployment, build, and other code.

Source Code Analysis Scope
Files includes and excluded from analyses
txt
ini
hcl
dockerignore
watchmanconfig
in
m4
tpl
prettierignore
  • 35 extensions are included in analyses: py, tsx, tf, md, cpp, java, h, rst, php, json, rb, txt, scss, gitignore, yml, js, yaml, sh, ini, hcl, c, css, html, ipynb, go, dockerignore, watchmanconfig, bat, bzl, xml, in, m4, tpl, prettierignore, ts
  • 6 criteria are used to exclude files from analysis:
    • exclude files with path like ".*/[.][a-zA-Z0-9_]+.*" (Hidden files and folders) (33 files).
    • exclude files with path like ".*/docs/.*" (Documentation) (46 files).
    • exclude files with path like ".*/git[-]history[.]txt" (Git history) (1 file).
    • exclude files with path like ".*/git[-][a-zA-Z0-9_]+[.]txt" (Git data exports for sokrates analyses) (0 files).
    • exclude files with path like ".*/bin/.*" (Binaries for distribution) (36 files).
    • exclude files with path like ".*[.]m4" (stuff autogenerated by autoconf - still C deps) (1 file).
Overview of Analyzed Files
Basic stats on analyzed files
Intro
For analysis purposes we separate files in scope into several categories: main, test, generated, deployment and build, and other.

  • The main category contains all manually created source code files that are being used in the production.
  • Files in the main category are used as input for other analyses: logical decomposition, concerns, duplication, file size, unit size, and conditional complexity.
  • Test source code files are used only for testing of the product. These files are normally not deployed to production.
  • Build and deployment source code files are used to configure or support build and deployment process.
  • Generated source code files are automatically generated files that have not been manually changed after generation.
  • While a source code folder may contain a number of files, we are primarily interested in the source code files that are being written and maintained by developers.
  • Files containing binaries, documentation, or third-party libraries, for instance, are excluded from analysis. The exception are third-party libraries that have been changed by developers.

main45524 LOC (82%) 430 files
test3220 LOC (5%) 51 files
generated443 LOC (<1%) 1 files
build and deployment99 LOC (<1%) 6 files
other5651 LOC (10%) 79 files
Main Code
All manually created or maintained source code that defines logic of the product that is run in a production environment.
tpl
in
Explore:   circles  |  sunburst
  • The following criteria are used to filter files:
    • files with paths like ".*".
  • 430 files match defined criteria (45,524 lines of code, 100.0% vs. main code):
    • 205 *.py files (19,017 lines of code)
    • 58 *.tsx files (6,495 lines of code)
    • 38 *.java files (6,343 lines of code)
    • 48 *.tf files (3,769 lines of code)
    • 14 *.cpp files (2,968 lines of code)
    • 5 *.rb files (1,455 lines of code)
    • 22 *.h files (1,394 lines of code)
    • 15 *.php files (1,393 lines of code)
    • 4 *.c files (828 lines of code)
    • 2 *.ipynb files (753 lines of code)
    • 3 *.js files (562 lines of code)
    • 10 *.scss files (232 lines of code)
    • 1 *.go files (205 lines of code)
    • 1 *.ts files (49 lines of code)
    • 1 *.bzl files (24 lines of code)
    • 1 *.tpl files (21 lines of code)
    • 1 *.html files (11 lines of code)
    • 1 *.in files (5 lines of code)
  • " *.py" is biggest, containing 41.77% of code.
  • " *.in" is smallest, containing 0.01% of code.


*.py19017 LOC (41%) 205 files
*.tsx6495 LOC (14%) 58 files
*.java6343 LOC (13%) 38 files
*.tf3769 LOC (8%) 48 files
*.cpp2968 LOC (6%) 14 files
*.rb1455 LOC (3%) 5 files
*.h1394 LOC (3%) 22 files
*.php1393 LOC (3%) 15 files
*.c828 LOC (1%) 4 files
*.ipynb753 LOC (1%) 2 files
*.js562 LOC (1%) 3 files
*.scss232 LOC (<1%) 10 files
*.go205 LOC (<1%) 1 files
*.ts49 LOC (<1%) 1 files
*.bzl24 LOC (<1%) 1 files
*.tpl21 LOC (<1%) 1 files
*.html11 LOC (<1%) 1 files
*.in5 LOC (<1%) 1 files
Test Code
Used only for testing of the product. Normally not deployed in a production environment.
Explore:   circles  |  sunburst
  • The following criteria are used to filter files:
    • files with paths like ".*[.][Tt]est[.].*".
    • files with paths like ".*[.]test[.].*".
    • files with paths like ".*/[Tt]ests/.*".
    • files with paths like ".*/test_.*".
    • files with paths like ".*_test[.].*".
    • files with paths like ".*/[Tt]est/.*".
    • files with paths like ".*[-]test[-].*".
  • 51 files match defined criteria (3,220 lines of code, 7.1% vs. main code):
    • 47 *.py files (2,868 lines of code)
    • 1 *.js files (181 lines of code)
    • 1 *.go files (91 lines of code)
    • 1 *.java files (75 lines of code)
    • 1 *.tsx files (5 lines of code)
  • " *.py" is biggest, containing 89.07% of code.
  • " *.tsx" is smallest, containing 0.16% of code.


*.py2868 LOC (89%) 47 files
*.js181 LOC (5%) 1 files
*.go91 LOC (2%) 1 files
*.java75 LOC (2%) 1 files
*.tsx5 LOC (<1%) 1 files
Generated Code
Automatically generated files, not manually changed after generation.
Explore:   circles  |  sunburst
  • The following criteria are used to filter files:
    • files with paths like ".*[.]java" AND any line of content like ".*The following code was generated by JFlex.*".
  • 1 file matches defined criteria (443 lines of code, 1.0% vs. main code). All matches are in *.java files.


*.java443 LOC (100%) 1 files
Build and Deployment Code
Source code used to configure or support build and deployment process.
Explore:   circles  |  sunburst
  • The following criteria are used to filter files:
    • files with paths like ".*[.]git[a-z]+".
    • files with paths like ".*/[.]gitignore".
    • files with paths like ".*/package[.]json".
    • files with paths like ".*[.]sh".
    • files with paths like ".*[.]bat".
    • files with paths like ".*/pom[.]xml".
  • 6 files match defined criteria (99 lines of code, 0.2% vs. main code):
    • 1 *.xml files (59 lines of code)
    • 5 *.sh files (40 lines of code)
  • " *.xml" is biggest, containing 59.6% of code.
  • " *.sh" is smallest, containing 40.4% of code.


*.xml59 LOC (59%) 1 files
*.sh40 LOC (40%) 5 files
Other Code
txt
ini
Explore:   circles  |  sunburst
  • The following criteria are used to filter files:
    • files with paths like ".*[.]md".
    • files with paths like ".*[.]txt".
    • files with paths like ".*/[.]prettierignore".
    • files with paths like ".*/README[.][a-z0-9]+".
    • files with paths like ".*[.]json".
    • files with paths like ".*/[.]gitignore".
    • files with paths like ".*[.]ini".
    • files with paths like ".*/[.]dockerignore".
    • files with paths like ".*/[Ee]xamples/.*".
    • files with paths like ".*[.](rst|rest|resttxt|rsttxt)".
    • files with paths like ".*/LICENSE[.][a-z0-9]+".
  • 79 files match defined criteria (5,651 lines of code, 12.4% vs. main code):
    • 42 *.md files (3,064 lines of code)
    • 10 *.txt files (1,509 lines of code)
    • 6 *.py files (387 lines of code)
    • 7 *.tf files (259 lines of code)
    • 4 *.json files (194 lines of code)
    • 2 *.html files (118 lines of code)
    • 5 *.ini files (70 lines of code)
    • 3 *.rst files (50 lines of code)
  • " *.md" is biggest, containing 54.22% of code.
  • " *.rst" is smallest, containing 0.88% of code.


*.md3064 LOC (54%) 42 files
*.txt1509 LOC (26%) 10 files
*.py387 LOC (6%) 6 files
*.tf259 LOC (4%) 7 files
*.json194 LOC (3%) 4 files
*.html118 LOC (2%) 2 files
*.ini70 LOC (1%) 5 files
*.rst50 LOC (<1%) 3 files
Analyzers
Info about analyzers used for source code examinations.
  • *.py files are analyzed with PythonAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • Basic heuristic dependency analysis
  • *.tsx files are analyzed with TypeScriptAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • No dependency analysis
  • *.java files are analyzed with JavaAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • Advanced heuristic dependency analysis (based on package names)
  • *.tf files are analyzed with YamlAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • No unit size analysis
    • No conditional complexity analysis
    • No dependency analysis
  • *.cpp files are analyzed with CppAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • Advanced heuristic dependency analysis
  • *.rb files are analyzed with RubyAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • No unit size analysis
    • No conditional complexity analysis
    • Basic heuristic dependency analysis
  • *.h files are analyzed with CppAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • Advanced heuristic dependency analysis
  • *.php files are analyzed with PhpAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • Basic heuristic dependency analysis
  • *.c files are analyzed with CStyleAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • No dependency analysis
  • *.ipynb files are analyzed with DefaultLanguageAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Basic code cleaning (empty lines removed for LOC calculations and duplication calculations)
    • No unit size analysis
    • No conditional complexity analysis
    • No dependency analysis
  • *.js files are analyzed with JavaScriptAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • No dependency analysis
  • *.scss files are analyzed with ScssAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • No unit size analysis
    • No conditional complexity analysis
    • No dependency analysis
  • *.go files are analyzed with GoLangAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • Basic heuristic dependency analysis
  • *.ts files are analyzed with TypeScriptAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • No dependency analysis
  • *.bzl files are analyzed with DefaultLanguageAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Basic code cleaning (empty lines removed for LOC calculations and duplication calculations)
    • No unit size analysis
    • No conditional complexity analysis
    • No dependency analysis
  • *.tpl files are analyzed with DefaultLanguageAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Basic code cleaning (empty lines removed for LOC calculations and duplication calculations)
    • No unit size analysis
    • No conditional complexity analysis
    • No dependency analysis
  • *.html files are analyzed with HtmlAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • Advanced heuristic dependency analysis
  • *.in files are analyzed with RustAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • No dependency analysis

2022-04-14 23:00